Concern high among IT pros on GDPR
4 April 2017 | 0
Concern is high among organisations large and small over compliance with the European Union’s General Data Protection Regulations (GDPR), according to a survey by IDC for Dell EMC.
The results of a survey carried out by Dimensional Research of 821 IT and business professionals responsible for data privacy at companies with European, found that 82%, at both SMBs and enterprises, are concerned with GDPR compliance, while almost three quarters (70%) say they are not nor don’t know if their company is prepared for GDPR today.
Only 3% of respondents have a plan for readiness, less than one in three feel they are currently ready for GDPR.
As the regulations will cover anyone holding or processing the data of European citizens, they will apply to more than just European companies, however, more than three quarters of respondents outside Europe say they are not or don’t know if they are prepared for GDPR.
The regulations have an increased scope for fines and penalties, with enterprises facing potential fines for breaches of €20 million or up to 4% of global annual turnover. Despite this, there is confusion as to what can be brought to bear. Of the 21% of respondents who said they would face a penalty if GDPR were in place today, 36% think it would require only an easy remediation, or don’t know the penalty. Close to half believe they would face a moderate financial penalty or manageable remediation work.
Locally, figures from the upcoming TechBeat survey, in association with Ward Solutions, found that 15% of Irish organisations had yet to do anything about GDPR, while more than one in 10 (12%) admitted they did not know what GDPR was about.
Experts have said that while GDPR is probably the single greatest changes to personal data in recent times, it is also an opportunity.
Simon Nixon, director, Product Management, Information Intelligence, Veritas, has argued that by achieving compliance with the regulations, organisations will have a much better idea of not only what they have in terms of data, but will also be better placed to determine how to turn the data into intelligence and thus competitive advantage.
However, the journey to compliances starts with assessment, both in terms of the data held and the extent to which the regulations apply within the organisation. Skills then need to be assessed, teams assembled and only then can the real work begin.
TechFire, in association with Fujitsu and Veritas, will address the journey in a series of three events on the regulations. The first, on 6 April in Croke Park, Dublin, will look at the organisation’s exposure, understanding the extent of the regulation and how it can be turned to an advantage. With a legal view from Anne-Marie Bohan of Matheson, the event will confidently start you on the journey to the May 2018 deadline for compliance.
The event is free, but registration is required. See TechFire.ie for details of this and the other events in the series on GDPR.